Showing posts with label Tips. Show all posts
Showing posts with label Tips. Show all posts

Monday, March 18, 2024

How to Hunt Down Malware on Mobile Devices

co-authored by Josh Hickman, Subject Matter Expert Collect and Review, Cellebrite

The ubiquity of mobile devices makes them prime targets for malware attacks.
Despite the expertise in incident response and malware detection for PCs and Macs, mobile security, on the other hand, often remains uncharted territory for many organizations and users alike. No longer a question of if but when an attack is going to happen, there is a pertinent need for education in identification, resolution and bolstering defences against future attacks.

What Malware Looks Like and How it Gets There

Mobile malware manifests in various forms, from ransomware encrypting data to spyware surreptitiously monitoring activities. Understanding the modus operandi of mobile malware is critical for detection and mitigation efforts...How it lands on a device and what you can do... more

Thursday, February 15, 2024

Spybusters Tip #725: How to Find an Apple AirTag Hidden in Your Car

Apple AirTags are useful devices for locating commonly misplaced items like keys and wallets, but they can also be hijacked for more sinister purposes, such as tracking your whereabouts without your knowledge or consent. 

For a rogue AirTag to reveal meaningful surveillance information to its owner, it must be traveling with you: hidden in a pocket, purse, or vehicle you drive regularly. In most cases, Apple should alert you if it detects an unknown AirTag with a notification to your iPhone (or iPad) like "AirTag Found Moving With You." - Turn on AirTag alerts / Find an AirTag in your car... more

Friday, January 26, 2024

Citizens Warned Against Spy's 'Exotic Beauty' Traps

China has warned its citizens against "exotic beauties" seeking to lure them into the hands of foreign spy agencies.


The Ministry of State Security said a Chinese man, Li Si, went to a nightclub while on an overseas trip and was later blackmailed by foreign spies.

The ministry's WeChat post's title read, "Hunting for beauty? You may become the prey". Analysts say such warnings reflect a sense of insecurity among China's leaders. more
Actually, good advice for any business traveler.

Wednesday, January 24, 2024

How To Turn On Apple iPhone’s New Anti-Theft Feature

Apple's 'Stolen Device Protection' tool aims to deter cases of phone theft, but you need to enable it first.

Apple's new ‘stolen device protection' tool, was launched as part of its iOS 17.3 release, and plans to squash instances of phone theft by ramping up security requirements and limiting the amount of data thieves have access to...

Activating Apple's new security mechanism is very straightforward. First you need to enable two-factor authentication for your Apple AI and set up a device passcode, Face ID or Touch ID, Find My, and Significant Locations (under Location Services).

Once you have these up, you need to: 
  • Go to Settings
  • Tap ‘Face ID & PassCode'
  • Enter your device passcode
  • Tap to turn Stolen Device Protection on

Sunday, January 14, 2024

Spybuster Tip #629: Delete Apps that are 'Spying' Using 'One Day Rule'

Security experts have explained how your phone apps track and collect your data even if they remain unused, but there's a handy hack to avoid data harvesting and potential spying...

The rule involves simply deleting one unused app a day which the expert says can massively improve your phone efficiency and free up your storage space. Doing this will help you manage how your data is used and stop it from being harvested...

To delete an app on the iPhone, find the app on your home screen, touch and hold down the icon and tap "Remove app." If you are an Android user, go to the Google Play store, tap the profile icon in the top right, and go to Manage Apps and Devices > Manage. Tap the name of the app you want to delete and choose to uninstall. more

Friday, January 5, 2024

Spybuster Tip # 823: Store Your Car Key Fobs in a Metal Can

Thieves have perfected the art of stealing the code from that key fob sitting on a kitchen counter or hung on a hook by the door. And tools that make theft fast and easy can be purchased on the internet. Worse, the latest theft devices allow criminals to amplify a vehicle's radio signal so that thieves can better access and copy the key fob signal to steal a vehicle...

The Relay Attack, a two-person attack, is when a thief walks up to the victim’s home with a piece of equipment that captures the signal from the key fob and then transmits the signal from a car key fob. "An accomplice waits nearby at the car door, usually with another device, to open the car when the signal is received," the AARP website said. The copied signal can fool the car into starting the ignition.

Spybuster Tip #823: Store your car key fobs in a metal container when not in use.
Your other fobs are at risk too. Learn more here.

Saturday, June 24, 2023

Spybuster Tip #712 - Stop Smartphone Eavesdropping - Cap The App

Remember to check from time to time which apps have access to the microphone.


Here’s how to do it on iPhone:
  • Open the Settings app 
  • Scroll to Privacy & Security 
  • Tap Microphone 
  • Review the apps that have access to your microphone and toggle them on or off 
Here’s how to do it on an Android handset:
  • Open the Settings app 
  • Tap Privacy 
  • Tap Permission Manager 
  • Tap on Microphone 
  • Review the apps that have access to your microphone and toggle them on or off | more
Why is this important and timely?
A hacking group linked to the North Korean government has been caught using new wiretapping malware in recent surveillance attacks, according to an advisory from cybersecurity firm AhnLab. more

Saturday, March 25, 2023

Journalist Plugs in Unknown USB Drive Mailed to Him

...it exploded in his face

Although these are just a few examples, they should be enough to preclude one from inserting a mysterious, unsolicited USB drive mailed to them into a computer. Unfortunately, one Ecuadorian journalist didn't get the memos. more

In case you missed our memo...

USB Memory Security Recommendations

  • Block ports with a mechanical port block lock.
  • Place security tape over that.
  • Create a “no USB sticks unless pre-approved” rule.
  • Warn employees that a gift USB stick could be a Trojan Horse gift.
  • Warn employees that one easy espionage tactic involves leaving a few USB sticks scattered in the company parking lot. The opposition knows that someone will pick one up and plug it in. The infection begins the second they plug it in.
  • Don’t let visitors stick you. Extend the “no USB sticks unless pre-approved” rule to them as well. Their sticks may be infected.

Trending… IBM Takes The USB Memory Security Lead

USB Memory Security - Thumbs Down“IBM has allegedly issued a worldwide ban against the the use of removable drives, including Flash, USB, and SD cards, to transfer data.

This new policy is being instituted to prevent confidential and sensitive information from being leaked due to misplaced or unsecured storage devices.

According to a report by The Register, IBM’s global chief Information security officer Shamla Naidoo issued an advisory stating that the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” This advisory further stated that this policy is already in effect for some departments, but will be further enforced throughout the entire company.” more

Monday, January 16, 2023

Spybuster Tip #823 - Remote Control Duplicators

Never let your door / gate opener fob out of your control.

Here's why... Anyone (service person, neighbor, guest, valet, etc.) only needs to have access to your fob for a few seconds to make one for themselves.

Fob duplicators are cheap, available and easy to use... (more detailed version here)


Wednesday, July 13, 2022

17 CIA Tips - Think like a spy and stay safe while on vacation

The CIA is releasing these tips – or travel tradecraft, in spy parlance – as part of its ongoing effort to demystify its work in assisting the American public, according to agency spokesperson Walter Trosin.

I found the CIA's best practices, culled from the experience of its officers in the field, are exceptionally helpful, easy to adopt and especially relevant to Americans in these fraught times.

Here’s how to think like a spy on the ground overseas... more

Thursday, February 17, 2022

Spybuster Tip # 712: How to Thwart Off-Site Meeting Spies

The National Executive Council of the Academic Staff Union of Universities, on Sunday, changed the venue of the meeting... A reliable source said the venue was changed due to the fear of bugging of the auditorium by secret agents of the Nigerian government. more



Thursday, September 23, 2021

Reasons You Should Never Connect To Public Wifi

There Are Too Many Risks
Put simply, the risks you take when you connect to Wifi in public places such as libraries, stations, cafes, and shopping malls are often too great to make the benefits worthwhile...

  • Misuse of personal data Distribution of malware
  • Insecure connection
  • Online attacks on business
  • Eavesdropping

Hackers or anyone with a sound knowledge about internet software and applications can eavesdrop on your personal data if they are using the same public Wi-Fi connection as you are...

  • Try not to share your personal data while you are using a personal Wi-Fi connection.
  • Avoid logging in to websites that involve your personal or bank credentials.
  • Try using a VPN (virtual Private Network) service that will help you to encrypt all the data you receive or send.
  • Use 2-Factor authorizations that will make your connection secure and prevent the risk of data loss.” more

Tuesday, September 21, 2021

Spy Tip 592 - How to Eavesdrop More Effectively

Dr Anthony Youn explained that there is a way you can listen into a chat that wasn’t meant for you.

He explained: “Try listening with your right ear and not your left – your right ear is connected to the left side of your brain which processes speech and language.”

His posts on body hacks have gone viral and include a range of tricks and trips.

He also revealed how you can get rid of hiccups. more

Monday, March 22, 2021

How Grandma Hears Everything...

 …and why your business should care. 

There is a new eavesdropping spy trick in town. You could get burned unless you know about it.

Let’s start with Grandma. She is hard of hearing. A while back the family gave her money to buy two new hearing aids. Nice. Now she has stopped saying, “WHAT!” all the time. She hears everything clearly. 

There is only one problem. She seems to  hear everyone’s conversations even when she is not in the room. Sometimes she is in her room with the door closed. 

It’s a mystery, but we’ll figure it out soon. more

Tuesday, February 23, 2021

The Most Secure and Anonymous Communication Tools Available

 via David Koff, Tech Talk - The Technology Newsletter for Everyone...

What I’m about to share with you here is… kind of fringe. Like, “Edward Snowden” fringe.

Hopefully, that got your attention.

For some years now, the hacker, privacy, and journalism communities have all been debating, discussing, and using the tools I’m about to share with you in this installment. These tools are used not only to lock down your security and anonymity on the known internet, but also to access the portions of the internet that are normally hidden — “The Dark Web.” 

Despite their usefulness, I haven’t really seen information about these tools shared with the general public in a straightforward, easy-to-understand way. I think it’s worth changing that; while most of us don’t need the same high-privacy, high-security tools that confidential informants, journalists, and whistleblowers use, we should all know about these tools in case the time comes when we actually need them. more

Tuesday, December 29, 2020

Check Your Holiday Rental for Hidden Surveillance Cameras

Australia - There's something unsettling about the idea of being watched while you and your loved ones kick back on holidays. If you've searched online to find whether holiday rental landlords spy on their guests, there's plenty to feed your paranoia...

Still, if something feels off or you want to sweep the house, there are some steps you can take. Although without professionals and high-tech gear involved, it can't be 100 per cent accurate...

Julian Claxton, a counter-espionage specialist, recommended a hidden camera detector — small devices that project a light that will reflect off the lens of a covert camera... "The reality is, that's how a lot of these cameras can be found — through anomalies. Things that just don't look right within an environment," he explained.


Tips:

  1. Inspect what's on the Wi-Fi network... Many cameras sold in consumer electronic stores need an internet connection so they can be viewed remotely from a computer or app. This could provide a clue.

  2. Try to spot the camera lens... Julian Claxton, a counter-espionage specialist, recommended a hidden camera detector — small devices that project a light that will reflect off the lens of a covert camera.

  3. Check the power points... Hidden cameras need ongoing power, so Mr Claxton suggested looking at what's connected to power points.
     
  4. Look for oddly placed objects... Hidden cameras can be built into just about anything, but for the lay person, Mr Claxton suggested using "a bit of common sense". more

Also, consider taking a one-hour, on-line, video Spycam Detection Training course.

Sunday, November 29, 2020

Concerned about Sony's PS5 spying on you? Here is What You Can Do...

Sony's always-on PS5 DualSense mics are sparking privacy concerns. The PlayStation 5's DualSense controller comes with a built-in mic that's on by default, and it records what you say to help Sony "analyze" key data points. Here's how to change those settings, and what they mean.

Gamers are a bit concerned about privacy on the PS5. 

It was recently confirmed the DualSense's mic auto-records anything you say when unlocking an in-game trophy. This is just the tip of the iceberg, really.

As a PS5 owner you can limit the data that Sony collects. But you can't turn data collection off entirely.

Here's how to adjust your data collection settings:
Settings -> Users and Accounts -> Privacy -> Data You Provide more

Friday, October 9, 2020

The FBI Hotel Wi-Fi Security Checklist


The Federal Bureau of Investigation is issuing this announcement to encourage Americans to exercise caution when using hotel wireless networks (Wi-Fi) for telework.
FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels. 

US hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment. While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks. 

Malicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework. more

Wednesday, August 5, 2020

Personal Alert: Home Sellers Eavesdropping on Buyers

You never want to reveal too much enthusiasm when home shopping. But now many are giving away their hand before they ever get inside. more

Monday, April 20, 2020

7 Espionage Tricks to Avoid While Working From Home

Don't get tricked into giving away personal information. 
Why? Because this is what you use for your passwords.
  1. Facebook Quizzes
    Quizzes are all over Facebook:  What does your eye color say about you? What kind of dog are you according to your zodiac sign? (Facebook says these were questions the criminals used.)

  2. 10 Things About You
    As people try to connect during the stay-at-home order, they are answering cut-and-paste questionnaires from their friends. They usually start with something like “Tell me 10 things I don’t know about you” and go on to ask questions like: Who was your first love? ... Here's the problem: those are the exact same questions asked when you forget your password. So, be wary of posting the answers on social media.

  3. Posting Information about Your Passwords
    People are posting all sorts of information about what’s going on at their homes with their children or with their pets. That’s fine, unless they use those same names as their passwords.

  4. Photos of the Home Work Station
    At this point, people are pretty proud of their work from home stations. They have a new webcam, a makeshift desk, and maybe even a good microphone. But posting photos of that home work station might give criminals too much information. Can someone see the screen from a window? Are they giving away the brands and models of their IoT devices (which might or might not have exploitable vulnerabilities)?

  5. Clicking Questionable Links
    There are a lot of questionable links on the internet. Users should be wary of sites they don’t recognize. While this is rudimentary advice, it’s a good reminder that the headline “New Pandemic Cure No One Is Talking About” likely leads to a malicious site.

  6. Be Aware of What’s Public
    Savvy users have changed their Facebook and Instagram profile settings to make them more private. But as soon as you post to a group or comment on someone’s post without strong privacy settings, folks outside your friend's group can see what you’re doing. And, other sites like Twitter and Reddit are not generally private. more 
 Thanks to Jake Milstein, CI Security Inc. for compiling this list.